Tips to Pass 156-115.77 Exam (51 to 60)
Our pass rate is high to 98.9% and the similarity percentage between our 156-115.77 study guide and real exam is 90% based on our seven-year educating experience. Do you want achievements in the Check Point 156-115.77 exam in just one try? I am currently studying for the Check Point 156-115.77 exam. Latest Check Point 156-115.77 Test exam practice questions and answers, Try Check Point 156-115.77 Brain Dumps First.
Q51. - (Topic 5)
What do the ‘F’ flags mean in the output of fwaccel conns?
A. Forward to firewall
B. Flag set for debug
C. Fast path packets
D. Flow established
Answer: A
Q52. - (Topic 11)
You are having issues with dynamic routing after a failover. The traffic is now coming from the backup and is being dropped as out of state. What is the BEST configuration to avoid stateful inspection dropping your dynamic routing traffic?
A. Implement Wire mode.
B. In Global Properties select Accept other IP protocols stateful replies for unknown services.
C. Enable Visitor mode.
D. Create additional explicit rules.
Answer: A
Q53. - (Topic 7)
When a cluster member is completely powered down, how will the other member identify if there is network connectivity?
A. The working member will ARP for the default gateway.
B. The working member will look for replies to traffic sent from internal hosts.
C. The working member will automatically assume connectivity.
D. The working member will Ping IPs in the subnet until it gets a response.
Answer: D
Q54. - (Topic 8)
What is required when changing the configuration of the number of workers in CoreXL?
A. A reboot
B. cpstop/cpstart
C. evstop/evstart
D. A policy installation
Answer: A
Q55. - (Topic 6)
A Rule Base has been improperly configured with a rule which disables templating at the top of the Rule Base. How will this impact traffic acceleration?
A. SecureXL is disabled.
B. Templates are disabled, and throughput acceleration only functions for rules above this one.
C. Templates are disabled for this rule but it does not impact the rest of the Rule Base.
D. Templates are disabled but throughput acceleration is still taking place.
Answer: D
Q56. - (Topic 3)
Each connection allowed by a Security Gateway, will have a real entry and some symbolic link entries in the connections state table. The symbolic link entries point back to the real entry using this:
A. serial number of the real entry.
B. 6-tuple.
C. memory pointer.
D. date and time of the connection establishment.
Answer: B
Explanation:
C3O3 - ClusterXL
Q57. - (Topic 3)
After creating and pushing out a new policy, Joe finds that an old connection is still being allowed that should have been closed after his changes. He wants to delete the connection on the gateway, and looks it up with fw tab –t connections –u. Joe finds the connection he is looking for. What command should Joe use to remove this connection?
<0,a128c22,89,a158508,89,11;10001,2281,25,15b,a1,4ecdfeee,ac,691400ac,7b6,3e,ffffffff, 3c,3c,0,0,0,0,0,0,0,0,0,0,0,0,0,0>
A. fw tab –t connections –x –d “0,a128c22,89,0a158508,89,11"
B. fw tab –t connections –x –e "0,a128c22,00000089,0a158508,00000089,00000011"
C. fw tab –t connections –x –d “00000000,a128c22,00000089,0a158508,00000089,00000011"
D. fw tab –t connections –x –e “0,a128c22,89,0a158508,89,11"
Answer: B
Q58. - (Topic 9)
You have just taken over as a firewall administrator. Your company is using Geo Protections on your gateway, but you want to verify that the protections are up-to-date. How can you see when these were updated?
A. In the IPS tree Protections > Select Check for Update.
B. Check asm_update_version_geo in GuiDBedit.
C. In the IPS tree Protections > Geo Protections and check the profile name which is mm/dd/yy.
D. Check the time stamp of $FWDIR/tmp/geo_location_tmp/updates/IpToCountry.csv.
Answer: D
Q59. - (Topic 1)
John is a Security Administrator of a Check Point platform. He has a mis-configuration issue that points to the Rule Base. To obtain information about the issue, John runs the command:
A. fw debug fw on and checks the file fwm.elg.
B. fw kdebug fwm on and checks the file fwm.elg.
C. fw debug fwm on and checks the file fwm.elg.
D. fw kdebug fwm on and checks the file fw.elg.
Answer: C
27. - (Topic 1)
True or False: Software blades perform their inspection primarily through the kernel chain modules.
A. False. Software blades do not pass through the chain modules.
B. True. Many software blades have their own dedicated kernel chain module for inspection.
C. True. All software blades are inspected by the IP Options chain module.
D. True. Most software blades are inspected by the TCP streaming or Passive Streaming chain module.
Answer: B
Q60. - (Topic 11)
The current release of Check Point R77, what is a potential performance-related drawback to using Virtual Tunnel Interfaces (VTI) rather than Domain-based VPNs?
A. Use of VTIs will disable CoreXL and therefore will negatively impact hardware platforms running more than one CPU core.
B. Dynamic routing protocols will work across a domain-based VPN, but will not work across a VTI.
C. Use of VTIs will disable the entire SecureXL mechanism and prevent any traffic acceleration.
D. Domain-based VPNs are easier to configure than VTIs and therefore is the preferred implementation.
Answer: A